package org.activiti.cloud.services.query.rest;

import org.activiti.cloud.services.query.app.repository.EntityFinder;
import org.activiti.cloud.services.query.app.repository.TaskRepository;
import org.activiti.cloud.services.query.app.repository.VariableRepository;
import org.activiti.cloud.services.query.model.ProcessInstanceEntity;
import org.activiti.cloud.services.query.model.QTaskEntity;
import org.activiti.cloud.services.query.model.TaskEntity;
import org.activiti.cloud.services.query.model.VariableEntity;
import org.activiti.cloud.services.query.resources.VariableResource;
import org.activiti.cloud.services.query.rest.assembler.VariableResourceAssembler;
import org.activiti.cloud.services.security.ActivitiForbiddenException;
import org.activiti.cloud.services.security.SecurityPoliciesApplicationServiceImpl;
import org.activiti.cloud.services.security.TaskLookupRestrictionService;
import org.activiti.runtime.api.security.SecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping(value = {"/v1/variables"}, produces = {"application/hal+json", "application/json"})
@RestController
/* loaded from: input_file:org/activiti/cloud/services/query/rest/VariableController.class */
public class VariableController {
    private final VariableRepository variableRepository;
    private VariableResourceAssembler variableResourceAssembler;
    private EntityFinder entityFinder;
    private SecurityPoliciesApplicationServiceImpl securityPoliciesApplicationService;
    private SecurityManager securityManager;
    private TaskRepository taskRepository;
    private TaskLookupRestrictionService taskLookupRestrictionService;
    private static final Logger LOGGER = LoggerFactory.getLogger(VariableController.class);

    @ExceptionHandler({ActivitiForbiddenException.class})
    @ResponseStatus(HttpStatus.FORBIDDEN)
    public String handleAppException(ActivitiForbiddenException activitiForbiddenException) {
        return activitiForbiddenException.getMessage();
    }

    @ExceptionHandler({IllegalStateException.class})
    @ResponseStatus(HttpStatus.NOT_FOUND)
    public String handleAppException(IllegalStateException illegalStateException) {
        return illegalStateException.getMessage();
    }

    @Autowired
    public VariableController(VariableRepository variableRepository, VariableResourceAssembler variableResourceAssembler, EntityFinder entityFinder, SecurityPoliciesApplicationServiceImpl securityPoliciesApplicationServiceImpl, SecurityManager securityManager, TaskRepository taskRepository, TaskLookupRestrictionService taskLookupRestrictionService) {
        this.variableRepository = variableRepository;
        this.variableResourceAssembler = variableResourceAssembler;
        this.entityFinder = entityFinder;
        this.securityPoliciesApplicationService = securityPoliciesApplicationServiceImpl;
        this.securityManager = securityManager;
        this.taskRepository = taskRepository;
        this.taskLookupRestrictionService = taskLookupRestrictionService;
    }

    @RequestMapping(value = {"/{variableId}"}, method = {RequestMethod.GET})
    public VariableResource findById(@PathVariable long j) {
        VariableEntity variableEntity = (VariableEntity) this.entityFinder.findById(this.variableRepository, Long.valueOf(j), "Unable to find variableEntity for the given id:'" + j + "'");
        if (variableEntity.getProcessInstance() != null) {
            ProcessInstanceEntity processInstance = variableEntity.getProcessInstance();
            if (!this.securityPoliciesApplicationService.canRead(processInstance.getProcessDefinitionKey(), processInstance.getServiceName())) {
                LOGGER.debug("User " + this.securityManager.getAuthenticatedUserId() + " not permitted to access definition " + processInstance.getProcessDefinitionKey());
                throw new ActivitiForbiddenException("Operation not permitted for " + processInstance.getProcessDefinitionKey());
            }
        }
        if (variableEntity.getTask() != null) {
            TaskEntity task = variableEntity.getTask();
            if (!this.taskRepository.findAll(this.taskLookupRestrictionService.restrictTaskQuery(QTaskEntity.taskEntity.id.eq(task.getId()))).iterator().hasNext()) {
                LOGGER.debug("User " + this.securityManager.getAuthenticatedUserId() + " not permitted to access taskEntity " + task.getId());
                throw new ActivitiForbiddenException("Operation not permitted for " + task.getId());
            }
        }
        return this.variableResourceAssembler.toResource(variableEntity);
    }
}
